Lucene search
+L

4 matches found

vulnersOsv
vulnersOsv
added 2024/04/05 3:0 p.m.5 views

thingvellir (>=0.0.0-alpha1 <=0.0.2-alpha2) potentially affected by CVE-2024-27284 via cassandra-cpp (=0.15.1)

cassandra-cpp CARGO version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on cassandra-cpp and may be impacted: - thingvellir =0.0.0-alpha1, =0.0.2-alpha2 Source cves: CVE-2024-27284 Source advisory: OSV:GHSA-X9XC-63HG-VCFQ...

7.5CVSS7.1AI score0.00817EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/02/28 3:46 p.m.8 views

CVE-2024-27284 cassandra-rs non-idiomatic use of iterators leads to use after free

cassandra-rs is a Cassandra CQL driver for Rust. Code that attempts to use an item e.g., a row returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0...

7.5CVSS6.8AI score0.00817EPSS
Exploits0References2
CVE
CVE
added 2024/02/28 3:46 p.m.107 views

CVE-2024-27284

The CVE concerns the cassandra-rs Rust Cassandra (CQL) driver. A use-after-free exists when code uses an item from an iterator after advancing the iterator, potentially accessing freed memory. The issue is fixed in version 3.0.0; users with pre-3.0.0 versions should upgrade to 3.0.0 to mitigate. ...

7.5CVSS7.5AI score0.00817EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2024/02/28 12:0 p.m.4 views

thingvellir (>=0.0.0-alpha1 <=0.0.2-alpha2) potentially affected by CVE-2024-27284 via cassandra-cpp (=0.15.1)

cassandra-cpp CARGO version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on cassandra-cpp and may be impacted: - thingvellir =0.0.0-alpha1, =0.0.2-alpha2 Source cves: CVE-2024-27284 Source advisory: OSV:RUSTSEC-2024-0017...

7.5CVSS7.1AI score0.00817EPSS
Exploits0
Rows per page
Query Builder